The University of Johannesburg (UJ) is a vibrant and cosmopolitan university, anchored in Africa and driven by a powerful strategy focused on attaining global excellence and stature (GES). With an emphasis on independent thinking, sustainable development, and strategic partnerships, UJ is an international university of choice. The University is guided by the Vice-Chancellor’s vision of “Positioning UJ in the Fourth Industrial Revolution (4IR) for societal impact in the context of the changing social, political, and economic fortunes of Africa”.

• Be situated at the Auckland Park Kingsway Campus, but not excluded from supporting all campuses
• Fulfil management, leadership, technical and administrative roles in the Department

• Establish an Information Security Management and Protection Framework for developing and implementing an effective enterprise-wide Information Security Governance and Strategy Programme.
• Define a Cybersecurity strategy and operating model aligned with UJ business objectives with a clear, tracked and measurable cybersecurity plan.
• Assume responsibility for UJ's information security and compliance programme, building and leading a high-performing cybersecurity and compliance team and advisory consultancy to business and IT domain leaders.
• Manage the day-to-day activities, including policies, procedures, training and communication regarding the Information Governance Programme.
• Perform regular IT Security Maturity Assessments for the respective UJ IT areas, including people, processes and technologies.
• Lead the security documentation process to ensure progress and auditability.
• Lead the implementation of a secure system development life cycle.
• Develop, implement and maintain IT security policies, procedures, standards and practices to ensure conformance with generally accepted practices and mandatory legislation / regulations.
• Conduct information assets security risk assessment.
• Lead the implementation and monitoring of information and data quality standards, policies and procedures.
• Oversee the selection, deployment and validation of IT Information security controls to ensure that security and compliance requirements are met.
• Ensure that information security threats are identified, detected, responded to, recovered from and followed up on.
• Ensure security programmes compliancy with relevant laws, regulations and policies to minimise or eliminate risk and audit findings.
• Integrate an Information and Cyber Security Risk Management Framework.
• Present regular reports to UJ executives and auditors on the cybersecurity status of the organisation.
• Collaborate with key stakeholders to proactively identify local issues and areas of risk that impact data quality, availability, and confidentiality. Implement preventive measures and remedial action when required.
• Conduct security audits to identify gaps and implement controls to mitigate risks.

• Degree or any relevant qualification (NQF 8)
• 5 to 8 years' of management experience in an Information Security Management
• Information security, project management and IT service management experience
• People management experience
• Stakeholder management experience
• Outsourced services and management of commercial partners
• Managing strategic change in a dynamic operating environment
• Translating broad business needs and understanding the key drivers of enterprise applications
• Risk assessment and mitigation risk-related industry-standard qualifications such as CISA, CISM or CISSP

• Good interpersonal and communication skills (verbal and written).
• Ability to maintain sound human relations and transfer skills and knowledge.
• Strong decision making and budget control skills.
• Strong Risk management and Cyber security awareness.
• IT Policies and Procedures.
• Collaborating with business managers to determine and deliver value adding IT solutions.
• Ability to manage a multi technology technical support team.
• Vendor management.
• Knowledge of the latest Information security technologies.
• Firewall standards and protocols.

• Project Management
• Contract negotiations

• Working together
  • Demonstrates and Proactively enables and encourages teamwork.
• Communication & influencing
  • Proactively builds relationships and generates effective discussion and mutual support for plans and ideas.
• Managing Knowledge
  • Proactively seeks out new knowledge sources. Uses and shares knowledge effectively.
• Striving for excellence
  • Sets and measures challenging objectives for self and others.
  • Gives evidence-based feedback that helps others to excel.
• Managing Resources
  • Finds creative and innovative ways to allocate and utilize resources.
• Managing People
  • Builds an effective team with clear objectives; allocates work appropriately; deals with poor performance and recognises success.
• Developing People
  • Helps team members to create and implement clear development plans that meet own and ICS short and long term goals.
• Leading for the Future
  • Builds confidence and excitement in ICS work and vision, both internally and externally.
• Thinking Strategically
  • Decisive, takes a big picture view, coaches others to consider long-term impact, and to consult within and beyond ICS.
• Delivering Results
  • Plans and manages appropriately; holds self and team accountable for achieving goals.